Skip to main content
CVE-2022-0824 HIGH POC PATCH THREAT Act Now

Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass RCE Webmin
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
97.0%
CVE-2022-0819 HIGH POC PATCH THREAT This Week

Code Injection in GitHub repository dolibarr/dolibarr prior to 15.0.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Code Injection Dolibarr Erp Crm
NVD GitHub
CVSS 3.1
8.8
EPSS
43.6%
CVE-2022-0829 HIGH POC PATCH This Week

Improper Authorization in GitHub repository webmin/webmin prior to 1.990. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Webmin
NVD GitHub
CVSS 3.1
8.1
EPSS
1.3%
CVE-2022-25115 HIGH POC This Week

A remote code execution (RCE) vulnerability in the Avatar parameter under /admin/?page=user/manage_user of Home Owners Collection Management System v1.0 allows attackers to execute arbitrary code via. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Home Owners Collection Management System
NVD GitHub
CVSS 3.1
7.8
EPSS
1.5%
CVE-2022-25393 HIGH POC This Week

Simple Bakery Shop Management v1.0 was discovered to contain a SQL injection vulnerability via the username parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Simple Bakery Shop Management
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2021-38266 HIGH PATCH This Week

The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17 and 7.2 before fix pack 5 does not correctly import users from LDAP,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Liferay Portal Digital Experience Platform
NVD VulDB
CVSS 3.1
7.5
EPSS
2.2%
CVE-2022-22301 HIGH PATCH This Week

An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Fortiap C
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-0711 HIGH PATCH This Week

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Haproxy Openshift Container Platform Software Collections Enterprise Linux +1
NVD GitHub
CVSS 3.1
7.5
EPSS
16.6%
CVE-2022-25634 HIGH PATCH This Week

Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Qt
NVD
CVSS 3.1
7.5
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy